我的PHP代码中有以下函数/方法,我想根据密码或令牌和电子邮件检查一些用户内容。
function login($email, $password, $token) {
if (isset($email)) {
if (isset($password) && strlen($password) > 0) {
$stmt = $this->con->prepare("SELECT users.user_id, logins.email, logins.token, users.firstname, users.lastname, users.username
FROM users
INNER JOIN logins
ON users.login_id = logins.login_id
WHERE logins.email=? AND logins.password=?");
$stmt->bind_param("ss", $email, $password);
} elseif ($token && strlen($token) > 0) {
$stmt = $this->con->prepare("SELECT users.user_id, logins.email, logins.token, users.firstname, users.lastname, users.username
FROM users
INNER JOIN logins
ON users.login_id = logins.login_id
WHERE logins.email=? AND logins.token=?");
$stmt->bind_param("ss", $email, $token);
} else {
return $this->error_login_failure;
}
$stmt->execute();
$stmt->store_result();
$stmt->bind_result($rUserId, $rEmail, $rToken, $rFirstname, $rLastname, $rUsername);
$stmt->fetch();
if ($rUserId != null || strlen($rUserId) > 0) {
$stmt->close();
$newToken = $this->insertNewToken($email, $password, $rToken);
if ($newToken == null) {
return $this->error_login_failure;
} else {
$returnValues = array();
$returnValues['userId'] = $rUserId;
$returnValues['email'] = $rEmail;
$returnValues['token'] = $rToken;
$returnValues['firstname'] = $rFirstname;
$returnValues['lastname'] = $rLastname;
$returnValues['username'] = $rUsername;
return $returnValues;
}
} else {
$stmt->close();
return $this->error_login_failure;
}
} else {
return $this->error_login_failure;
}
}
问题在于,当我传递令牌(非空)时,我没有得到任何回报。我调试了它,发现所有输入参数都是正确的,代码到达" elseif($ token&& strlen($ token)> 0){"。 但是当我尝试获取返回的数据时,不会返回任何内容。如果我传入密码,只有当它尝试第二个"如果"用令牌。
如果我以令牌作为参数进行第二次SQL查询并在终端中手动运行它,它也可以工作。我似乎无法找出问题所在。
非常感谢任何帮助。
答案 0 :(得分:0)
我在密码和令牌之间看到的唯一区别是isset命令。尝试添加它,就像我在下面做的那样,看看是否修复了它。除此之外,我会验证列名是否正确。
function login($email, $password, $token) {
if (isset($email)) {
if (isset($password) && strlen($password) > 0) {
$stmt = $this->con->prepare("SELECT users.user_id, logins.email, logins.token, users.firstname, users.lastname, users.username
FROM users
INNER JOIN logins
ON users.login_id = logins.login_id
WHERE logins.email=? AND logins.password=?");
$stmt->bind_param("ss", $email, $password);
} elseif (isset($token) && strlen($token) > 0) {
$stmt = $this->con->prepare("SELECT users.user_id, logins.email, logins.token, users.firstname, users.lastname, users.username
FROM users
INNER JOIN logins
ON users.login_id = logins.login_id
WHERE logins.email=? AND logins.token=?");
$stmt->bind_param("ss", $email, $token);
} else {
return $this->error_login_failure;
}
$stmt->execute();
$stmt->store_result();
$stmt->bind_result($rUserId, $rEmail, $rToken, $rFirstname, $rLastname, $rUsername);
$stmt->fetch();
if ($rUserId != null || strlen($rUserId) > 0) {
$stmt->close();
$newToken = $this->insertNewToken($email, $password, $rToken);
if ($newToken == null) {
return $this->error_login_failure;
} else {
$returnValues = array();
$returnValues['userId'] = $rUserId;
$returnValues['email'] = $rEmail;
$returnValues['token'] = $rToken;
$returnValues['firstname'] = $rFirstname;
$returnValues['lastname'] = $rLastname;
$returnValues['username'] = $rUsername;
return $returnValues;
}
} else {
$stmt->close();
return $this->error_login_failure;
}
} else {
return $this->error_login_failure;
}
}